News
-
MongoDB Warns System Admins to Patch Severe Security Vulnerability Immediately
Read more: MongoDB Warns System Admins to Patch Severe Security Vulnerability ImmediatelyMongoDB has issued an urgent warning for IT administrators to patch their systems immediately. The warning concerns a high-severity security vulnerability that can be exploited remotely without authentication. The vulnerability is tracked as CVE-2025-14847. It…
-
Critical n8n Flaw (CVSS 9.9) Allows Arbitrary Code Execution
Read more: Critical n8n Flaw (CVSS 9.9) Allows Arbitrary Code ExecutionA critical security vulnerability has been discovered in the n8n workflow automation platform. If exploited, this flaw could allow arbitrary code execution on affected systems. The vulnerability is tracked as CVE-2025-68613 and has a CVSS…
-
WatchGuard Warns of Active Exploitation of Critical Fireware OS VPN Flaw
Read more: WatchGuard Warns of Active Exploitation of Critical Fireware OS VPN FlawWatchGuard has released security updates to fix a critical vulnerability in Fireware OS that is actively exploited in real-world attacks. The issue, tracked as CVE-2025-14733 with a CVSS score of 9.3, allows a remote unauthenticated…
-
React Releases Security Fixes for React Server Components
Read more: React Releases Security Fixes for React Server ComponentsThe React team has released security updates to fix several new vulnerabilities in React Server Components (RSC). If exploited, these flaws could lead to denial-of-service (DoS) attacks or source code exposure. The issues were discovered…
-
Grafana Releases Critical Security Update to Patch CVE-2025-41115
Read more: Grafana Releases Critical Security Update to Patch CVE-2025-41115Grafana has released an important security update to fix a critical vulnerability that could allow attackers to escalate privileges or even take over user accounts. Because of the high severity, the company strongly recommends all…
-
Cisco Warns of New Attack Variant Targeting Vulnerable ASA and FTD Devices
Read more: Cisco Warns of New Attack Variant Targeting Vulnerable ASA and FTD DevicesCisco has announced a new attack variant that targets devices running Cisco Secure Firewall Adaptive Security Appliance (ASA) and Cisco Secure Firewall Threat Defense (FTD). These systems are vulnerable to two serious security issues: CVE-2025-20333…
-
CISA Issues Warning About Actively Exploited Critical Vulnerability in Oracle Identity Manager
Read more: CISA Issues Warning About Actively Exploited Critical Vulnerability in Oracle Identity ManagerCISA has released an alert about a critical security flaw in Oracle Identity Manager that is now being actively exploited. The vulnerability is tracked as CVE-2025-61757 and carries a CVSS score of 9.8. Zero-Day Vulnerability…
-
Matrix Push C2: A New Phishing Technique Through Browser Notifications
Read more: Matrix Push C2: A New Phishing Technique Through Browser NotificationsA new command-and-control (C2) platform called Matrix Push C2 has been found exploiting browser notifications to carry out cross-platform phishing attacks. This technique is considered dangerous because it is fileless and capable of operating on…
-
QNAP Releases Security Updates to Patch 7 Zero-Day Vulnerabilities from Pwn2Own Ireland 2025
Read more: QNAP Releases Security Updates to Patch 7 Zero-Day Vulnerabilities from Pwn2Own Ireland 2025QNAP has released new security updates to fix seven zero-day vulnerabilities that were exploited by security researchers during the Pwn2Own Ireland 2025 competition. Due to the severity of these issues, all users are strongly advised…
-
Beware! Security Application CCleaner, Infiltrated by Malware
Read more: Beware! Security Application CCleaner, Infiltrated by MalwarePengguna aplikasi keamanan CCleaner untuk Windows diimbau untuk memperbarui software sesegera mungkin. Peneliti menemukan ada kelompok peretas yang menyematkan penembus enkripsi alias backdoor di CCleaner. Backdoor itu memungkinkan peretas menyisipkan malware berbahaya. Diperkirakan 2,27 juta pengguna CCleaner telah menjadi korban.…